Report - www.skniport.com/auth.php/

Report Overview

Visited public
2024-07-02 21:24:30
Tags
URL
www.skniport.com/auth.php/
Finishing URL
www.skniport.com/auth.php/
IP / ASN
172.67.159.219
#13335 CLOUDFLARENET
Title
Steam Community

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
auth.weplay-give.com	unknown	unknown	No data	No data	4.6 kB	1.7 MB	172.67.218.116
www.skniport.com	unknown	unknown	No data	No data	918 B	1.9 kB	172.67.159.219
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-07-01 18:12:04	1.3 kB	3.5 kB	23.36.77.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-07-02	medium	www.skniport.com/auth.php/	Steam

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	auth.weplay-give.com/0c0239fa0/19209/922ae0d.js?v=h0bm6txPV	ScriptElement	96 kB	2023-03-07	2025-05-07
Pretty URL auth.weplay-give.com/0c0239fa0/19209/922ae0d.js?v=h0bm6txPV IP 172.67.218.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27 Last Seen2025-05-07 21:33 Times Seen34 Hash eba51a61894a773df5cab2a18e499c0b e028428f4f367af2660a66e976f223695020e732 225edf54855697e6207ba9bded4d041d824e44c7c842f2803ede51764a9e54ab Loading...

	auth.weplay-give.com/55f61	ScriptElement	232 B	2024-08-19	2024-08-19
Pretty URL auth.weplay-give.com/55f61 IP 172.67.218.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 18:17 Last Seen2024-08-19 18:19 Times Seen2 Hash bca1b803a39702cf8aacf0a294b8477a 0e07fd78085252a737976defccedb4eba935973a d8f4cc8648d58f9b901385c8f6a5d850771ed0f683d573e327ed9bd6de1ab9a9 Loading...

	auth.weplay-give.com/0c0239fa0/19209/93e2d98.js?v=h0bm6txPV	ScriptElement	1.4 MB	2024-08-19	2024-08-19
Pretty URL auth.weplay-give.com/0c0239fa0/19209/93e2d98.js?v=h0bm6txPV IP 172.67.218.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 18:17 Last Seen2024-08-19 18:19 Times Seen2 Hash ee295876c9d8337efa94c5023831abe4 fb59146a994c12dc44d9f074e551953804e8ba1b 28b2c495c5bc36c8010eb5ce91c0bcdc95791fea50910dbc839d359e68c8fb8b Loading...

	unknown	Function	34 B	2023-04-11	2025-05-09
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:16 Last Seen2025-05-09 01:36 Times Seen67022 Hash 572cb94037fffc2a0a53b465972e15f1 0d679b041a7c1ca45cc99e2d229fc2b86762838d 6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35 Loading...

HTTP Transactions (16)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
b8ee6ca153df6819132dd5d8a6ba5c76
0ed0f0f631777272bd71ba23719e71695c9d95e1
bdca7ce7bb6febd6a6afb56a828cf4422c1a8971524484e8128cafad8e6b3367

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "BDCA7CE7BB6FEBD6A6AFB56A828CF4422C1A8971524484E8128CAFAD8E6B3367"
Last-Modified: Tue, 02 Jul 2024 11:47:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9016
Expires: Tue, 02 Jul 2024 23:54:20 GMT
Date: Tue, 02 Jul 2024 21:24:04 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c4b71305103f33b56dd398fb1f3fa9fe
6237cf96ced2a5d69a73769180ae8250221727ea
4120fbb0536a3608210c487750025bea2ff87804924732c527207e00add13a34

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4120FBB0536A3608210C487750025BEA2FF87804924732C527207E00ADD13A34"
Last-Modified: Sun, 30 Jun 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3242
Expires: Tue, 02 Jul 2024 22:18:08 GMT
Date: Tue, 02 Jul 2024 21:24:06 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c4b71305103f33b56dd398fb1f3fa9fe
6237cf96ced2a5d69a73769180ae8250221727ea
4120fbb0536a3608210c487750025bea2ff87804924732c527207e00add13a34

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4120FBB0536A3608210C487750025BEA2FF87804924732C527207E00ADD13A34"
Last-Modified: Sun, 30 Jun 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3242
Expires: Tue, 02 Jul 2024 22:18:08 GMT
Date: Tue, 02 Jul 2024 21:24:06 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c4b71305103f33b56dd398fb1f3fa9fe
6237cf96ced2a5d69a73769180ae8250221727ea
4120fbb0536a3608210c487750025bea2ff87804924732c527207e00add13a34

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4120FBB0536A3608210C487750025BEA2FF87804924732C527207E00ADD13A34"
Last-Modified: Sun, 30 Jun 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3242
Expires: Tue, 02 Jul 2024 22:18:08 GMT
Date: Tue, 02 Jul 2024 21:24:06 GMT
Connection: keep-alive

auth.weplay-give.com/0c0239fa0/19209/123e563.png

172.67.218.116

200 OK

41 kB

URL GET HTTP/3
auth.weplay-give.com/0c0239fa0/19209/123e563.png
IP
172.67.218.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://auth.weplay-give.com/55f61
Certificate
IssuerGoogle Trust Services LLC
Subjectweplay-give.com
Fingerprint39:E1:56:82:C3:C2:63:8A:97:85:75:9B:A8:19:C6:73:0A:9D:78:B6
ValidityWed, 05 Jun 2024 16:52:36 GMT - Tue, 03 Sep 2024 16:52:35 GMT

File type
PNG image data, 772 x 528, 8-bit/color RGBA, non-interlaced
Size
41 kB (41262 bytes)
Hash
a49c05c4f6d0c1a435bee21b6bfc331a
514f0454990e73b685c90af4c20f9756c0b5be4f
0213aec67465510fb19ae32d298c1a1d945483b571cb1e895244785326334299

HTTP Headers

GET /0c0239fa0/19209/123e563.png HTTP/1.1
Host: auth.weplay-give.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auth.weplay-give.com/55f61
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 02 Jul 2024 21:24:05 GMT
content-type: image/png
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Tue, 02 Jul 2024 07:15:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MoqBKSl1pAr%2FQaZBYjSb35RpJry7wOypWDidesjUT2U6Y5D%2Foy3QH8zO3%2FqJjzDtxkyor0dWUWGW9yhtnmU2QLqVwjLxsYMW%2BJGx99DognungJxJk6sMbTLHBlW9AMS8i7RIbW2MOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89d1b35d3b64abce-CPH
alt-svc: h3=":443"; ma=86400

auth.weplay-give.com/0c0239fa0/19209/468ed8a.png

172.67.218.116

200 OK

10 kB

URL GET HTTP/3
auth.weplay-give.com/0c0239fa0/19209/468ed8a.png
IP
172.67.218.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://auth.weplay-give.com/55f61
Certificate
IssuerGoogle Trust Services LLC
Subjectweplay-give.com
Fingerprint39:E1:56:82:C3:C2:63:8A:97:85:75:9B:A8:19:C6:73:0A:9D:78:B6
ValidityWed, 05 Jun 2024 16:52:36 GMT - Tue, 03 Sep 2024 16:52:35 GMT

File type
PNG image data, 244 x 212, 8-bit/color RGBA, non-interlaced
Size
10 kB (10183 bytes)
Hash
c6c193d9feafd5454233dc2a23d84eec
0e8de715d9fac898ba284e2ffb3f069ae18a0351
d7b43d651f2238cd97cbb75617ebda61127066c20faf4486c5637229611a636c

HTTP Headers

GET /0c0239fa0/19209/468ed8a.png HTTP/1.1
Host: auth.weplay-give.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auth.weplay-give.com/55f61
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 02 Jul 2024 21:24:05 GMT
content-type: image/png
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Tue, 02 Jul 2024 07:15:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j6gS8PERuio%2BEfQ20IJBZa%2FL5%2BIVzZl3xhZeuXnwS0nTjO9uoxy48ioxqgVcqORAH0pkclR1NAwtNYtw4Kr%2FapTURX4rgk4mlYdzTDOxeLox%2Bg79pU2oMWFaftQ8GN9XFUDPSKdkVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89d1b35d2b52abce-CPH
alt-svc: h3=":443"; ma=86400

auth.weplay-give.com/0c0239fa0/19209/7facb6e.png

172.67.218.116

200 OK

16 kB

URL GET HTTP/3
auth.weplay-give.com/0c0239fa0/19209/7facb6e.png
IP
172.67.218.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://auth.weplay-give.com/55f61
Certificate
IssuerGoogle Trust Services LLC
Subjectweplay-give.com
Fingerprint39:E1:56:82:C3:C2:63:8A:97:85:75:9B:A8:19:C6:73:0A:9D:78:B6
ValidityWed, 05 Jun 2024 16:52:36 GMT - Tue, 03 Sep 2024 16:52:35 GMT

File type
PNG image data, 356 x 89, 8-bit/color RGBA, non-interlaced
Size
16 kB (15883 bytes)
Hash
0e824aba6da13c23354a9d01d055bd72
f159d921e9885a6a93b75551c2ce109061d2b5c1
92adb1904cca2cf69ce1fc328941f1fd53e721f07b03154f4806c02bdf087625

HTTP Headers

GET /0c0239fa0/19209/7facb6e.png HTTP/1.1
Host: auth.weplay-give.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auth.weplay-give.com/55f61
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 02 Jul 2024 21:24:05 GMT
content-type: image/png
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Tue, 02 Jul 2024 07:15:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O6svR0iWGtuJetF%2BBUH1fa%2FzcJ0aqL1QG1RTVHN11ma2CxEMhmc931YpTQ3MVKGu3GO1AVsna03OddJTuBuEYF9mXjWISjdDuWc9vuEI2ukFWlzHALJj951f0JJT%2BDoFvFhOmEheIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89d1b35d2b61abce-CPH
alt-svc: h3=":443"; ma=86400

auth.weplay-give.com/0c0239fa0/19209/3fbbf08.png

172.67.218.116

200 OK

990 B

URL GET HTTP/3
auth.weplay-give.com/0c0239fa0/19209/3fbbf08.png
IP
172.67.218.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://auth.weplay-give.com/55f61
Certificate
IssuerGoogle Trust Services LLC
Subjectweplay-give.com
Fingerprint39:E1:56:82:C3:C2:63:8A:97:85:75:9B:A8:19:C6:73:0A:9D:78:B6
ValidityWed, 05 Jun 2024 16:52:36 GMT - Tue, 03 Sep 2024 16:52:35 GMT

File type
PNG image data, 96 x 26, 8-bit/color RGBA, non-interlaced
Size
990 B (990 bytes)
Hash
532622786af375ef282bee19a7e38bab
834cc3a7d0421a19612a522a6a696d2b9fefe36b
32f8f8dbb32264e6fa2ad919ab59c04e425f7677816f0a8f2a79b9cb7299a89a

HTTP Headers

GET /0c0239fa0/19209/3fbbf08.png HTTP/1.1
Host: auth.weplay-give.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auth.weplay-give.com/55f61
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 02 Jul 2024 21:24:05 GMT
content-type: image/png
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Tue, 02 Jul 2024 07:15:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=23tWWA%2BzEsi0lQ9tWr6ZU5ElmrsniOwoPUyPtCN5LecvZoahQobSKxXSE%2B176lPFTMIg2l4ak91Wm2uSIvGVfBXVgjMXMA4oWLgxWBKP%2BX%2FKSJiY0dzcID7ZVgI9rHdK0Trmi8kHKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89d1b35d3b6aabce-CPH
alt-svc: h3=":443"; ma=86400

www.skniport.com/auth.php/

172.67.159.219

200 OK

428 B

URL User Request GET HTTP/2
www.skniport.com/auth.php/
IP
172.67.159.219:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectskniport.com
Fingerprint39:B7:30:5D:0D:3B:F9:D9:6F:56:43:1F:7C:27:C7:09:D2:7E:11:90
ValidityWed, 12 Jun 2024 09:45:56 GMT - Tue, 10 Sep 2024 09:45:55 GMT

File type
HTML document, ASCII text, with very long lines (430), with no line terminators
Size
428 B (428 bytes)
Hash
04a8cf2dde60ad55ad13b31873bafa44
ad9847a0b62cbdd092a8012d57e6102850ac653b
a64529b5bb5d95717603d3c16272f8417a0362b9664532f3f2b7108c2bef33b3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Steam

HTTP Headers

GET /auth.php/ HTTP/1.1
Host: www.skniport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 02 Jul 2024 21:24:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lqAUkBVx8UHVSHJ63qeomJjtfuNX%2F8oQu9Z5VQ8Fg6u6YZ6Irf%2FU3I9pNcW5AcG9jXadrqmSTQftKiDa9%2Bs0XHqhRU29Fw2TLDX5l0fKVtj5M%2FTAOBWV6TBL5TNXmX4j%2FxRk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89d1b357b9a692f4-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.skniport.com/favicon.ico

172.67.159.219

404 Not Found

278 B

URL GET HTTP/3
www.skniport.com/favicon.ico
IP
172.67.159.219:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.skniport.com/auth.php/
Certificate
IssuerGoogle Trust Services
Subjectskniport.com
Fingerprint39:B7:30:5D:0D:3B:F9:D9:6F:56:43:1F:7C:27:C7:09:D2:7E:11:90
ValidityWed, 12 Jun 2024 09:45:56 GMT - Tue, 10 Sep 2024 09:45:55 GMT

File type
HTML document, ASCII text, with no line terminators
Size
278 B (278 bytes)
Hash
296ec05eaab6809b599efb9be1ac0bf8
fc73e9693893bc84997b5266443f06fd0a1ffa36
42a01397676040cbeabc1b422022a17c7cf74c9deeab70a5b1067e90735ab9f5

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.skniport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.skniport.com/auth.php/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 02 Jul 2024 21:24:04 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zuwamavVrUS%2BR9Ik4a5CHwo7lNF%2BNkrHzJjuPJe85G3psnh7x3ypebhEoGrRzojp6E6gQFDk0DwiXS1XShsPtZ8zk%2B4i6sbMiIQbes5dusVANox%2Bmn1c033OL1hy%2FzFR9zm4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89d1b35a3d0092eb-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

auth.weplay-give.com/0c0239fa0/19209/93e2d98.js?v=h0bm6txPV

172.67.218.116

200 OK

1.4 MB

URL GET HTTP/3
auth.weplay-give.com/0c0239fa0/19209/93e2d98.js?v=h0bm6txPV
IP
172.67.218.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://auth.weplay-give.com/55f61
Certificate
IssuerGoogle Trust Services LLC
Subjectweplay-give.com
Fingerprint39:E1:56:82:C3:C2:63:8A:97:85:75:9B:A8:19:C6:73:0A:9D:78:B6
ValidityWed, 05 Jun 2024 16:52:36 GMT - Tue, 03 Sep 2024 16:52:35 GMT

File type

Size
1.4 MB (1389793 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /0c0239fa0/19209/93e2d98.js?v=h0bm6txPV HTTP/1.1
Host: auth.weplay-give.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auth.weplay-give.com/55f61
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 02 Jul 2024 21:24:05 GMT
content-type: text/javascript
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Tue, 02 Jul 2024 07:15:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3eNfsHDXbXsfdE%2BtWucJIw9oNoBaPIk3i9aMefnpNO%2FEkRKfjFl36AcQTLXUtlWX7vedTLX8RiootfUv6NHoNIcNaSBU9DPN8YwhvinFdZNf0MiSJOyXw%2F96lfeEopcrgE9iddExUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89d1b35d2b44abce-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

auth.weplay-give.com/0c0239fa0/19209/472bcfd.png

172.67.218.116

200 OK

976 B

URL GET HTTP/3
auth.weplay-give.com/0c0239fa0/19209/472bcfd.png
IP
172.67.218.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://auth.weplay-give.com/55f61
Certificate
IssuerGoogle Trust Services LLC
Subjectweplay-give.com
Fingerprint39:E1:56:82:C3:C2:63:8A:97:85:75:9B:A8:19:C6:73:0A:9D:78:B6
ValidityWed, 05 Jun 2024 16:52:36 GMT - Tue, 03 Sep 2024 16:52:35 GMT

File type
PNG image data, 92 x 26, 8-bit/color RGBA, non-interlaced
Size
976 B (976 bytes)
Hash
ba20aa5f0a8bc3bb01413446aabcda76
4a102dbdac256299ad35ed66ef7f892db3ed7e62
88615e58e09187c1971d76e25954b379698cb5733ccba7e918bed179a2b42200

HTTP Headers

GET /0c0239fa0/19209/472bcfd.png HTTP/1.1
Host: auth.weplay-give.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auth.weplay-give.com/55f61
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 02 Jul 2024 21:24:05 GMT
content-type: image/png
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Tue, 02 Jul 2024 07:15:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y6Z1clunSaEQDN1unj4PerLXEG0qiGQfbIvG2%2Fwid7WGjzGy8NcXY8r%2ByBaTh3x6mocbl5unEshsWoJK%2FSr58wFLRLGd3KvK9NnCUPigaUYT%2Bse%2BGS0AboraNgZ%2Fg9xHvR6bema%2BCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89d1b35d2b4fabce-CPH
alt-svc: h3=":443"; ma=86400

auth.weplay-give.com/0c0239fa0/19209/61b528c.png

172.67.218.116

200 OK

8.6 kB

URL GET HTTP/3
auth.weplay-give.com/0c0239fa0/19209/61b528c.png
IP
172.67.218.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://auth.weplay-give.com/55f61
Certificate
IssuerGoogle Trust Services LLC
Subjectweplay-give.com
Fingerprint39:E1:56:82:C3:C2:63:8A:97:85:75:9B:A8:19:C6:73:0A:9D:78:B6
ValidityWed, 05 Jun 2024 16:52:36 GMT - Tue, 03 Sep 2024 16:52:35 GMT

File type
PNG image data, 744 x 171, 8-bit/color RGBA, non-interlaced
Size
8.6 kB (8554 bytes)
Hash
92cc76cb55a099b5bf09d32fe7fd1a18
85681519cfeeb18f0b3a0240f51d2c2f4b312c81
c5dc6d1485f0803e9b402ba71c8e4b95bc2533fced0cf40503c9f559bece9710

HTTP Headers

GET /0c0239fa0/19209/61b528c.png HTTP/1.1
Host: auth.weplay-give.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auth.weplay-give.com/55f61
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 02 Jul 2024 21:24:05 GMT
content-type: image/png
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Tue, 02 Jul 2024 07:15:35 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ty0YG7AmqC6o2svQccJMI4tsaGHBem7rpAAShL4S25GNd5gFwrFyF7ZtsW58vQr1ecJFB80wSO33sjUwIPCMXYgVKj35OYu6XSEPiMkcvxB0Fvgc8ckw1V0jBRnouDzwMtBMSBgkHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89d1b35d2b58abce-CPH
alt-svc: h3=":443"; ma=86400

auth.weplay-give.com/55f61

172.67.218.116

200 OK

124 kB

URL GET HTTP/2
auth.weplay-give.com/55f61
IP
172.67.218.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.skniport.com/auth.php/
Certificate
IssuerGoogle Trust Services LLC
Subjectweplay-give.com
Fingerprint39:E1:56:82:C3:C2:63:8A:97:85:75:9B:A8:19:C6:73:0A:9D:78:B6
ValidityWed, 05 Jun 2024 16:52:36 GMT - Tue, 03 Sep 2024 16:52:35 GMT

File type

Size
124 kB (124371 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /55f61 HTTP/1.1
Host: auth.weplay-give.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.skniport.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 02 Jul 2024 21:24:05 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=spxVqRttEV4l4SNZJKcpBknNoffkpGdII6KlRDlgRpDPlhsuPA1wq4mszn1ezksWT2ECbJH5gFHHpM9oxM5iVobDuwjiWw0Qbq17CdxLZtXM3Dnm0hCWOmpQwQXDCzptD6jgp6yLnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89d1b35adb77abd4-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

auth.weplay-give.com/0c0239fa0/19209/ad0e871.css?v=h0bm6txPV

172.67.218.116

200 OK

41 kB

URL GET HTTP/3
auth.weplay-give.com/0c0239fa0/19209/ad0e871.css?v=h0bm6txPV
IP
172.67.218.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://auth.weplay-give.com/55f61
Certificate
IssuerGoogle Trust Services LLC
Subjectweplay-give.com
Fingerprint39:E1:56:82:C3:C2:63:8A:97:85:75:9B:A8:19:C6:73:0A:9D:78:B6
ValidityWed, 05 Jun 2024 16:52:36 GMT - Tue, 03 Sep 2024 16:52:35 GMT

File type
ASCII text, with very long lines (41442), with no line terminators
Size
41 kB (41442 bytes)
Hash
f917885730a804f08751b372ac9100fe
bc27a255319b05fe3e8635cd3d5d23af6ab65270
08fc1d2ab955054f9f262e07773c8872fef360476ac09ad22f643267787faabb

HTTP Headers

GET /0c0239fa0/19209/ad0e871.css?v=h0bm6txPV HTTP/1.1
Host: auth.weplay-give.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auth.weplay-give.com/55f61
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 02 Jul 2024 21:24:05 GMT
content-type: text/css
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Tue, 02 Jul 2024 07:15:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R3V%2BU3Cr%2FBaeUjA5hBW31FUOf3vIut4Qkk6Q0TNQ5SRb9tSyfjUIWSZiO7dtHr2DRx6PRAQIxMcqS4eFr%2FF5nPBw%2B1pnm2VKanAgf4aR0q3WjTDoEdZDZojAQOeo31J1NDZdlZpGPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89d1b35d1b2dabce-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

auth.weplay-give.com/0c0239fa0/19209/922ae0d.js?v=h0bm6txPV

172.67.218.116

200 OK

96 kB

URL GET HTTP/3
auth.weplay-give.com/0c0239fa0/19209/922ae0d.js?v=h0bm6txPV
IP
172.67.218.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://auth.weplay-give.com/55f61
Certificate
IssuerGoogle Trust Services LLC
Subjectweplay-give.com
Fingerprint39:E1:56:82:C3:C2:63:8A:97:85:75:9B:A8:19:C6:73:0A:9D:78:B6
ValidityWed, 05 Jun 2024 16:52:36 GMT - Tue, 03 Sep 2024 16:52:35 GMT

File type
JavaScript source, ASCII text, with very long lines (32086)
Size
96 kB (95701 bytes)
Hash
eba51a61894a773df5cab2a18e499c0b
e028428f4f367af2660a66e976f223695020e732
225edf54855697e6207ba9bded4d041d824e44c7c842f2803ede51764a9e54ab

HTTP Headers

GET /0c0239fa0/19209/922ae0d.js?v=h0bm6txPV HTTP/1.1
Host: auth.weplay-give.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auth.weplay-give.com/55f61
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 02 Jul 2024 21:24:05 GMT
content-type: text/javascript
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Tue, 02 Jul 2024 07:15:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wTjZ273aDYcjnaH%2FGoE%2FvpnH6b61jK1I0xRyeJ9BPT%2FTr5AAX4eS93WlS3HgCpM7NhVsNyge%2FhonXoNHiSQKFY2TLSXlQzbVqDRjWZQ%2FyoXkks4PWLGGBYiRpRuh6wb2fSHhFMJqwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89d1b35d1b36abce-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (16)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by